Google 2FA app token can be updated without checking the old 2FA by 
Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01
Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01 There is value in tutorials written by early pioneers of the field by Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01
Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01Everyone is beginner when the field is new, and there is value in tutorials written by beginners.
For example, Ciro Santilli felt it shocking how direct and satisfying Richard Feynman's scientific vulgarization of quantum electrodynamics were, e.g. at: Richard Feynman Quantum Electrodynamics Lecture at University of Auckland (1979), and that if he had just assumed minimal knowledge of mathematics, he was about to give a full satisfactory picture in just a few hours.
Other supporters of this:
- Ron Maimon: the same also applies to early original papers of the field, not just tutorials
- Dean Kamen: quick mention at: fi.edu/en/awards/laureates/dean-kamen, but a better longer mention on Dreamer (2020), nearby section from trailer: youtu.be/Cj2VKVJKf1I?t=16
Ciro Santilli intends to move his beauty list here little by little: github.com/cirosantilli/mathematics/blob/master/beauty.md
The most beautiful things in mathematics are results that are:
- simple to state but hard to prove:
- Fermat's Last Theorem
- number of unknown rationality, e.g. is rational?
- transcendental number conjectures, e.g. is transcendental?
- basically any conjecture involving prime numbers:
- many combinatorial game questions, e.g.:
- surprising results: we had intuitive reasons to believe something as possible or not, but a theorem shatters that conviction and brings us on our knees, sometimes via pathological counter-examples. General surprise themes include:Lists:
- classification of potentially infinite sets like: compact manifolds, etc.
- problems that are more complicated in low dimensions than high like:
- generalized Poincaré conjectures. It is also fun to see how in many cases complexity peaks out at 4 dimensions.
- classification of regular polytopes
- unpredictable magic constants:
- why is the lowest dimension for an exotic sphere 7?
- why is 4 the largest degree of an equation with explicit solution? Abel-Ruffini theorem
- undecidable problems, especially simple to state ones:
- mortal matrix problem
- sharp frontiers between solvable and unsolvable are also cool:
- attempts at determining specific values of the Busy beaver function for Turing machines with a given number of states and symbols
- related to Diophantine equations:
- applications: make life easier and/or modeling some phenomena well, e.g. in physics. See also: explain how to make money with the lesson
Good lists of such problems Lists of mathematical problems.
Whenever Ciro Santilli learns a bit of mathematics, he always wonders to himself:Unfortunately, due to how man books are written, it is not really possible to reach insight without first doing a bit of memorization. The better the book, the more insight is spread out, and less you have to learn before reaching each insight.
Am I achieving insight, or am I just memorizing definitions?
How to use an Oxford Nanopore MinION to extract DNA from river water and determine which bacteria live in it Fisher Scientific UVP LM-26E Benchtop 2UV Transilluminator by Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01
Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01www.bidspotter.com/en-us/auction-catalogues/bscsur/catalogue-id-bscsur10011/lot-c6605b41-1a14-40e5-a255-a5c5000866e0 (archive) Cannot exact same product on official website, but here is a similar one: www.fishersci.co.uk/shop/products/lm-26-2uv-transilluminator/12382038 (archive).
CIA 2010 covert communication websites USA spying on its own allies by Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01
Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01Being Brazilian, Ciro Santilli is particularly curious about the existence of a Brazilian-focused website one mentioned in the article, as well as in other democracies.
WTF the CIA was doing in Brazil in the early 2010s! Wasn't helping to install the Military dictatorship in Brazil enough!
Here are the democracies found so far, defining a democracy as a country with score 7.0 or more in the Democracy index 2010. In native language:In English, so more deniable:"Almost democracies":Ciro couldn't help but feel as if looking through the Eyes of Sauron himself!
- France (6: affairesdumonde.com, guide-daventure.com, lesummumdelafinance.com, football-de-luxe.com, romulusactualites.com, suparakuvi.com)
- Germany(2: dedrickonline.com, neighbour-news.com)
- Italy (2: attivitaestremi.com, garanziadellasicurezza.com, podisticamondiale.com)
- Spain (3: armashoy.com, montanismoaventura.com, ordenpolicial.com)
- Brazil (2: noticiasmusica.net, vejaaeuropa.com)
- South Korea (1: economicnewsbuzz.com)
- Poland (1: boxingstop.net)
- Japan (1: snapnewsfront.net)
- Canada (2: kanata-news.com, mynewscheck.com)
- Philippines (1: half-court.net)
- India (1: amishkanews.com)
- Croatia (2: european-footballer.com, stara-turistick.com)
- Thailand (1: thefairwaysaregreen.com)
- Peru (1: todosperuahora.com)
It is worth noting that democracies represent just a small minority of the websites found. The Middle East, and Spanish language sites (presumably for Venezuela + war on drugs countries?) where the huge majority. But Americans have to understand that democracies have to work together and build mutual trust, and not spy on one another. Even some of the enlightened people from Hacker News seem to not grasp this point. The USA cannot single handedly maintain world order as it once could. Collaboration based on trust is the only way.
Snowden's 2013 revelations particularly shocked USA allies with the fact that they were being spied upon, and as of the 2020's, everybody knows this and has "stopped caring", and or moved to end-to-end encryption by default. This is beautifully illustrated in the Snowden when Snowden talks about his time in Japan working for Dell as an undercover NSA operative:
NSA wanted to impress the Japanese. Show them our reach. They loved the live video from drones. This is Pakistan right now [video shows CIA agents demonstrating drone footage to Japanese officials]. They were not as excited about that we wanted their help to spy on the Japanese population. They said it was against their laws.
Another noteworthy scene from that movie is Video "Aptitude test scene from the Snowden 2016 film", where a bunch of new CIA recruits are told that:
CIA 2010 covert communication websites by Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01
Ciro Santilli 35 Updated 2025-04-24 +Created 1970-01-01This article is about covert agent communication channel websites used by the CIA in many countries from the late 2000s until the early 2010s, when they were uncovered by counter intelligence of the targeted countries circa 2011-2013. This discovery led to the imprisonment and execution of several assets in Iran and China, and subsequent shutdown of the channel.
The existence of such websites was first reported in November 2018 by Yahoo News: www.yahoo.com/video/cias-communications-suffered-catastrophic-compromise-started-iran-090018710.html.
Previous whispers had been heard in 2017 but without clear mention of websites: www.nytimes.com/2017/05/20/world/asia/china-cia-spies-espionage.html:
Most notably, starting in 2008, CIA contractor John Reidy started raising concerns about the security of the communication systems used, but he was silenced and ignored, leading to catastrophe.[ref][ref]
Then in September 2022 a few specific websites were finally reported by Reuters: www.reuters.com/investigates/special-report/usa-spies-iran/, henceforth known only as "the Reuters article" in this article.
Banner of the Reuters article
. Source. 
Ciro Santilli heard about the 2018 article at around 2020 while studying for his China campaign because the websites had been used to take down the Chinese CIA network in China. He even asked on Quora: www.quora.com/What-were-some-examples-of-the-websites-that-the-CIA-used-around-2010-as-a-communication-mechanism-for-its-spies-in-China-and-Iran-but-were-later-found-and-used-to-take-down-their-spy-networks but there were no publicly known domains at the time to serve as a starting point. Chris, Electrical Engineer and former Avionics Tech in the US Navy, even replied suggesting that obviously the CIA is so competent that it would never ever have its sites leaked like that:
Seriously a dumb question.
So when Ciro Santilli heard about the 2022 article almost a year after publication, and being a half-arsed web developer himself, he knew he had to try and find some of the domains himself using the newly available information! It was an irresistible real-life capture the flag. The thing is, everyone who has ever developed a website knows that its attack surface is about the size of Texas, and the potential for fingerprinting is off the charts with so many bits and pieces sticking out. Chris, get fucked.
In particular, it is fun to have such a clear and visible to anyone examples of the USA spying on its own allies in the form of Wayback Machine archives.
Given that it was reported that there were "more than 350" such websites, it would be really cool if we could uncover more of those websites ourselves beyond the 9 domains reported by Reuters!
This article documents the list of extremely likely candidates Ciro has found so far, mostly using:more details on methods also follow. It is still far from the 885 websites reported by citizenlabs, so there must be key techniques missing. But the fact that there are no Google Search hits for the domains or IPs (except in bulk e.g. in expired domain trackers) indicates that these might not have been previously clearly publicly disclosed.
- rudimentary IP range search on viewdns.info starting from the websites reported by Reuters
- heuristic search for keywords in domains of the 2013 DNS Census plus Wayback Machine CDX scanning
If anyone can find others, or has better techniques: Section "How to contact Ciro Santilli". The techniques used so far have been very heuristic, and that added to the limited amount of data makes it almost certain that several IP ranges have been missed. There are two types of contributions that would be possible:Perhaps the current heuristically obtained data can serve as a good starting for a more data-oriented search that will eventually find a valuable fingerprint which brings the entire network out.
- finding new IP ranges: harder more exiting, and potentially requires more intelligence
- better IP to domain name databases to fill in known gaps in existing IP ranges
Disclaimer: the network fell in 2013, followed by fully public disclosures in 2018 and 2022, so we believe it is now more than safe for the public to know what can still be uncovered about the events that took place. The main author's political bias is strongly pro-democracy and anti-dictatorship.
May this list serve as a tribute to those who spent their days making, using, and uncovering these websites under the shadows.
If you want to go into one of the best OSINT CTFs of your life, stop reading now and see how many Web Archives you can find starting only from the Reuters article as Ciro did. Some guidelines:
- there was no ultra-clean fingerprint found yet. Some intuitive and somewhat guessy data analysis was needed. But when you clean the data correctly and make good guesses, many hits follow, it feels so good
- nothing was paid for data. But using cybercafe Wifi's for a few extra IPs may help.
viewdns.info
. Source. activegameinfo.com domain to IP
viewdns.info
. Source. aroundthemiddleeast.com IP to domain
amazon.com,2012-02-01T21:33:36,72.21.194.1
amazon.com,2012-02-01T21:33:36,72.21.211.176
amazon.com,2013-10-02T19:03:39,72.21.194.212
amazon.com,2013-10-02T19:03:39,72.21.215.232
amazon.com.au,2012-02-10T08:03:38,207.171.166.22
amazon.com.au,2012-02-10T08:03:38,72.21.206.80
google.com,2012-01-28T05:33:40,74.125.159.103
google.com,2012-01-28T05:33:40,74.125.159.104
google.com,2013-10-02T19:02:35,74.125.239.41
google.com,2013-10-02T19:02:35,74.125.239.46
The four communication mechanisms used by the CIA websites
. Java Applets, Adobe Flash, JavaScript and HTTPS
You can never have enough Wayback Machine tabs open
. This is how the end of the fingerprint pipeline looks like: as many tabs as you have the patience to go through one by one!
Expired domain names by day 2011
. Source. The scraping of expired domain trackers to Github was one of the positive outcomes of this project.Compromised Comms by Darknet Diaries (2023)
Source. It was the YouTube suggestion for this video that made Ciro Santilli aware of the Reuters article almost one year after its publication, which kickstarted his research on the topic.
Full podcast transcript: darknetdiaries.com/transcript/75/
Ciro Santilli pinged the Podcast's host Jack Rhysider on Twitter and he ACK'ed which is cool, though he was skeptical about the strength of the fingerprints found, and didn't reply when clarification was offered. Perhaps the material is just not impactful enough for him to produce any new content based on it. Or also perhaps it comes too close to sources and methods for his own good as a presumably American citizen.
Like the U.S.' spring term.
Pinned article: ourbigbook/introduction-to-the-ourbigbook-project
Welcome to the OurBigBook Project! Our goal is to create the perfect publishing platform for STEM subjects, and get university-level students to write the best free STEM tutorials ever.
Everyone is welcome to create an account and play with the site: ourbigbook.com/go/register. We belive that students themselves can write amazing tutorials, but teachers are welcome too. You can write about anything you want, it doesn't have to be STEM or even educational. Silly test content is very welcome and you won't be penalized in any way. Just keep it legal!
Intro to OurBigBook
. Source. We have two killer features:
- topics: topics group articles by different users with the same title, e.g. here is the topic for the "Fundamental Theorem of Calculus" ourbigbook.com/go/topic/fundamental-theorem-of-calculusArticles of different users are sorted by upvote within each article page. This feature is a bit like:
- a Wikipedia where each user can have their own version of each article
- a Q&A website like Stack Overflow, where multiple people can give their views on a given topic, and the best ones are sorted by upvote. Except you don't need to wait for someone to ask first, and any topic goes, no matter how narrow or broad
This feature makes it possible for readers to find better explanations of any topic created by other writers. And it allows writers to create an explanation in a place that readers might actually find it.
Figure 1. Screenshot of the "Derivative" topic page. View it live at: ourbigbook.com/go/topic/derivativeVideo 2. OurBigBook Web topics demo. Source. - local editing: you can store all your personal knowledge base content locally in a plaintext markup format that can be edited locally and published either:This way you can be sure that even if OurBigBook.com were to go down one day (which we have no plans to do as it is quite cheap to host!), your content will still be perfectly readable as a static site.
- to OurBigBook.com to get awesome multi-user features like topics and likes
- as HTML files to a static website, which you can host yourself for free on many external providers like GitHub Pages, and remain in full control
Figure 2. You can publish local OurBigBook lightweight markup files to either OurBigBook.com or as a static website.
Figure 3. Visual Studio Code extension installation.
Figure 5. . You can also edit articles on the Web editor without installing anything locally. Video 3. Edit locally and publish demo. Source. This shows editing OurBigBook Markup and publishing it using the Visual Studio Code extension. 
- Infinitely deep tables of contents:
All our software is open source and hosted at: github.com/ourbigbook/ourbigbook
Further documentation can be found at: docs.ourbigbook.com
Feel free to reach our to us for any help or suggestions: docs.ourbigbook.com/#contact